Permissions required for AD account to do ADjoin

Showing results for 
Search instead for 
Do you mean 
Reply
Participant III
Posts: 21
Registered: ‎11-16-2017
#1 of 2 529

Permissions required for AD account to do ADjoin

 Hi,

 

What are the minimum permissions required for an AD account to run ADjoin?

I know it works with admin privileges, is there a minimum set of permissions which we can be assigned to accounts so that they can run adjoin and adleave from their end.

 

Thanks,

Niru

Centrify Guru I
Posts: 2,430
Registered: ‎07-26-2012
#2 of 2 523

Re: Permissions required for AD account to do ADjoin

[ Edited ]

@Niru,

 

At a minimum the user needs the delegated right to add computers to the target OU or container in Active Directory- taking in consideration the mode (Auto Zone or Zone).  If in Zone mode, the user need at least the delegated right to "Add computers to the zone" and if planning to add to computer roles (stored in AD groups) the user needs the ability to modify the membership of the group.

 

Read all about it here: 

 

https://community.centrify.com/t5/Centrify-Infrastructure-Services/adjoin-fails-for-non-admins/td-p/...

 

R.P

Want to learn more about practical Centrify examples? Check out my blog at http://centrifying.blogspot.com
Follow Centrify: